[Secure-testing-commits] r15843 - in data: . CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Thu Jan 13 21:44:37 UTC 2011 

Author: jmm
Date: 2011-01-13 21:44:36 +0000 (Thu, 13 Jan 2011)
New Revision: 15843

Removed:
   data/elf-vuln
Modified:
   data/CVE/list
Log:
one more cpi.pm fix
fix up old mysql entry
remove historic file


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-01-13 21:16:40 UTC (rev 15842)
+++ data/CVE/list	2011-01-13 21:44:36 UTC (rev 15843)
@@ -1625,7 +1625,7 @@
 	NOT-FOR-US: pfSense
 CVE-2010-4411 (Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote ...)
 	- perl 5.10.1-17 (bug #606995)
-	- libcgi-pm-perl <unfixed> (bug #606370)
+	- libcgi-pm-perl 3.51-1 (bug #606370)
 CVE-2010-4410 (CRLF injection vulnerability in the header function in (1) CGI.pm ...)
 	- perl 5.10.1-17 (bug #606995)
 	- libcgi-pm-perl 3.50-1 (bug #606370)
@@ -98813,7 +98813,7 @@
 CVE-2003-0151 (BEA WebLogic Server and Express 6.0 through 7.0 does not properly ...)
 	NOT-FOR-US: BEA WebLogic Server
 CVE-2003-0150 (MySQL 3.23.55 and earlier creates world-writeable files and allows ...)
-	NOT-FOR-US: Historic MySQL issue
+	- mysql <removed>
 CVE-2003-0149 (Heap-based buffer overflow in ePO agent for McAfee ePolicy ...)
 	NOT-FOR-US: McAfee ePolicy Orchestrator
 CVE-2003-0148 (The default installation of MSDE via McAfee ePolicy Orchestrator 2.0 ...)

Deleted: data/elf-vuln
===================================================================
--- data/elf-vuln	2011-01-13 21:16:40 UTC (rev 15842)
+++ data/elf-vuln	2011-01-13 21:44:36 UTC (rev 15843)
@@ -1,35 +0,0 @@
-binutils (fixed)
-elfutils (not in debian)
-gdb (fixed)
-ht (fixed)
-prelink (not affected, as not using elfutils library)
-elfsign
-rpm (not affected, only newer than in debian contains elfutils)
-acl2 (affected according to maintainer, full exploit potential unclear, rebuilds complicated)
-alleyoop (moritz checking)
-axiom  (affected according to maintainer, full exploit potential unclear, rebuilds complicated)
-crash (micah is talking with upstream)
-fenris (not in sarge, moritz checking)
-gccchecker
-gcl (affected according to maintainer, full exploit potential unclear, rebuilds complicated)
-gclcvs (affected according to maintainer, full exploit potential unclear, rebuilds complicated)
-ggcov
-insight
-kdebindings
-kdesdk
-kmd (fixed)
-ksymoops
-lcrash (fixed)
-ltrace (not vuln)
-lush
-maxima
-memprof
-mol
-mpatrol
-nitpic
-nmap
-oprofile
-oprofile-source
-kernel-patch-kdb
-chpax (not vuln)
-paxctl (not vuln)

More information about the Secure-testing-commits mailing list